Kelp logo

Privacy Policy

Kelp does not own your data, nor do we sell it to others or use it for advertising. It’s your data, period.

This policy applies to all information collected or submitted on Kelp’s website and any other devices and platforms.


Information we collect

When creating an account, you will be asked to Sign in with Google. Email addresses are only used for logging in, password resets, responding to emails that you initiate, notifications that you request and notifying you about product updates or changes.

After account creation, you will be asked to connect external accounts like email, calendar and contacts. These integrations are optional. Each integration has special protections to ensure Kelp only uses data that is necessary for the product, and that sensitive fields are protected.


Calendar

What does Kelp do with my calendar?

Connected calendars are only used to create contacts and show your meeting history.

How do you protect my privacy?

Kelp asks for the most restricted access that Google allows, which is read-only. Kelp cannot create new events, change any existing events, delete your calendar, or access any other data within your Google account, including Gmail.

Calendar data does not pass through Kelp. Your device requests the data directly from Google.

You can revoke access to your calendar at any time at https://myaccount.google.com/permissions


Contacts

What does Kelp do with my contacts?

Connected contacts are only used to display names and photos from contacts from your calendar events and documents.

How do you protect my privacy?

Kelp asks for the most restricted access that Google allows, which is read-only. Kelp cannot create new contacts, change any existing contacts, delete your contacts, or access any other data within your Google account, including Gmail.

Optionally, you can enable write access to contacts which Kelp uses to allow you to edit your contact notes from Kelp. Kelp does not edit any other contact related data.

Contacts data does not pass through Kelp. Your device requests the data directly from Google.

You can revoke access to your contacts at any time at https://myaccount.google.com/permissions


Documents

What does Kelp do with my documents?

Documents are only used to display them with associated upcoming meetings.

How do you protect my privacy?

Kelp asks for the most restricted access that Google allows, which is read-only. Kelp cannot create new documents, change any existing documents, delete your documents, or access any other data within your Google account, including Gmail.

Documents data does not pass through Kelp. Your device requests the data directly from Google.

You can revoke access to your documents at any time at https://myaccount.google.com/permissions


Technical basics

If you enable notifications, we must store a token to send them. We never use notifications for marketing.

We use cookies on the site to keep you logged in. Our server software may also store basic technical information, such as your IP address, in temporary memory or logs.

For performance and overload protection, we direct your traffic through Vercel. They have access to some basic technical information to perform this role, such as your IP address. Vercel's Privacy Policy.


Registration and authentication

Third parties may provide registration and authentication services. In this case, they will be able to access some data, stored by these third-party services, for registration or identification purposes. The services listed below may also collect Personal Data for targeting and profiling purposes; to find out more, please refer to the description of each service.

Google OAuth (Google LLC)

Google OAuth is a registration and authentication service provided by Google LLC and is connected to the Google network. Personal Data processed: various types of Data as specified in the privacy policy of the service.

Place of processing: United States – Privacy Policy. Privacy Shield participant.


Email Marketing

We may to contact you with product updates. You may opt-out of receiving any, or all, of these communications from Kelp by following the unsubscribe link or instructions provided in any email we send or by contacting us. We may use Email Marketing Service Providers to manage and send emails to you.

Flodesk (Flodesk Inc) - Privacy Policy


Payments

We may provide paid products within Kelp. In that case, we may use third-party services for payment processing (e.g. payment processors).

We will not store or collect your payment card details. That information is provided directly to our third-party payment processors whose use of your personal information is governed by their Privacy Policy. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information.

Stripe - Privacy Policy


Ads and analytics

The Kelp web apps collect various usage metrics, such as the percentage of users who use particular features or when users sign in,for the sole purpose of improving the app.


Information usage

We use the information we collect to operate and improve our website, apps, and customer support.

We do not share personal information with outside parties except to the extent necessary to accomplish Kelp’s functionality.

We may disclose your information in response to subpoenas, court orders, or other legal requirements; to exercise our legal rights or defend against legal claims; to investigate, prevent, or take action regarding illegal activities, suspected fraud or abuse, violations of our policies; or to protect our rights and property.

In the future, we may sell to, buy, merge with, or partner with other businesses. In such transactions, user information may be among the transferred assets.


Information isolation

Contact information (i.e. an email address) is only accessible to a user who explicitly added that information, either via one of the above integrations or manually. This information isolation is reinforced with software safeguards to ensure contact information has appropriate visibility.


Security Vulnerability Disclosure

If you believe you have discovered a security or privacy vulnerability that affects Kelp’s software, please report it to us. We welcome reports from everyone, including security researchers, developers, and customers.

You can report a security or privacy vulnerability by emailing us at security@kelp.nyc

In your message, please include:

  • The specific product and software version(s) which you believe are affected.

  • A description of the behavior you observed as well as the behavior that you expected.

  • A numbered list of steps required to reproduce the issue and a video demonstration, if the steps may be hard to follow.

You’ll receive a reply from us to acknowledge that we received your report, and we’ll contact you if we need more information.

For the protection of our members, Kelp doesn’t disclose, discuss, or confirm security issues until our investigation is complete and any necessary updates are generally available.


Accessing, changing, or deleting information

You may access or change your information or delete your account by emailing support@kelp.nyc.

Kelp may delete your information at any time and for any reason, such as technical needs, legal concerns, abuse prevention, removal of idle accounts, data loss, or any other reason.


Third-party links and content

Kelp displays content from third-party social sites and APIs. These have their own independent privacy policies, and we have no responsibility or liability for their content or activities.


California Online Privacy Protection Act Compliance

We comply with the California Online Privacy Protection Act. We therefore will not distribute your personal information to outside parties without your consent.


Children’s Online Privacy Protection Act Compliance

We never collect or maintain information at our website from those we actually know are under 13, and no part of our website is structured to attract anyone under 13.


Information for European Union Customers

By using Kelp and providing your information, you authorize us to collect, use, and store your information outside of the European Union.

International Transfers of Information

Information may be processed, stored, and used outside of the country in which you are located. Data privacy laws vary across jurisdictions, and different laws may be applicable to your data depending on where it is processed, stored, or used.

Your Consent

By using our site, you consent to our privacy policy.


Changes to this policy

If we decide to change our privacy policy, we will post those changes on this page. Summary of changes so far:

  • November 2, 2020: Remove references to Auth0. Add ability to optionally edit Google Contact notes from Kelp

  • October 11, 2020: First published.


Questions or Concerns

If you have questions or concerns regarding these terms, privacy, or security, please contact us at support@kelp.nyc.